Vulnerabilities (CVE)

Filtered by vendor Store-opart Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-50061 1 Store-opart 1 Op\'art Easy Redirect 2024-08-22 N/A 9.8 CRITICAL
PrestaShop Op'art Easy Redirect >= 1.3.8 and <= 1.3.12 is vulnerable to SQL Injection via Oparteasyredirect::hookActionDispatcher().
CVE-2023-48188 1 Store-opart 1 Op\'art Devis 2024-02-05 N/A 9.8 CRITICAL
SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4.6.12 allows a remote attacker to execute arbitrary code via a crafted script to the getModuleTranslation function.
CVE-2020-16194 1 Store-opart 1 Quote 2024-02-04 5.0 MEDIUM 5.3 MEDIUM
An Insecure Direct Object Reference (IDOR) vulnerability was found in Prestashop Opart devis < 4.0.2. Unauthenticated attackers can have access to any user's invoice and delivery address by exploiting an IDOR on the delivery_address and invoice_address fields.